Title

Timely Rootkit Detection During Live Response

Document Type

Conference Proceeding

Publication Date

2008

Abstract

This paper describes a non-intrusive rootkit detection tool designed to support forensic investigations that involve the live analysis of computer systems. The tool, which does not require pre-installation, correlates outputs from multiple system data gathering utilities. Test results indicate that the tool successfully detects several well-known rootkits, including Hacker Defender, AFX, Vanquish, FU and FUto. Abstract © Springer

Comments

The "Link to Full Text" on this page loads the PDF of the chapter, furnished open-access through the Springer Nature SharedIt content-sharing initiative. The publisher retains permissions to re-use and distribute this chapter in IFIP vol. 285.

DOI

10.1007/978-0-387-84927-0_12

Source Publication

IFIP — The International Federation for Information Processing, vol. 285

Share

COinS